Hack Turns Cisco's Desk Phone Into A Spying Device

Cisco’s internet phones — which sit on thousands of desks around the world — have been shown to be easily hacked and turned into remote spying devices. The official announcement comes two whole weeks after Cisco first found out about the problem.

The exploit was discovered by Ang Cui and Salvatore Solfo, a pair of computer scientists from Columbia University’s engineering department. They presented the finding at the 29th Chaos Communication Congress in late December. By attaching a small device to the local serial port on the phone, they were able to inject code that gave them complete control over the device — allowing them to remotely monitor phone calls and turn on the phone’s microphone to eavesdrop on conversations happening near the phone. In a statement, Cisco explained:

“Cisco recognises that while a number of network, device, and configuration based mitigations exist, there is no way to mitigate the physical attack vector on the affected devices. To this end, Cisco will conduct a phased remediation approach and will be releasing an intermediate Engineering Special software release for affected devices to mitigate known attack vectors for the vulnerability documented in this advisory.”

The networking company will roll out a software patch later this month to remedy the problem, which currently affects a number of models in the CiscoUnified IP Phone 7900 series. Until then, be careful what you say while sat at your desk. [Cisco, Ars Technica]

Only if you've been in the presence of the phone to attach a "small device to the local serial port" to "inject code" If you have not been with the phone you and the rest of the hacker scum in the world are shit out of luck.

Yer.. we have these at work now.. there is a camera cover latch on ours, so at least they couldn't use the video part.. but listening to calls and all that is pretty bad.

The thing to remember of course is that this "hack" still requires physical access to the devices and if you have physical access, then this is just a "phone tap" situation really.. sure there's a security flaw in the device that can be patched but the people who want to do this will just do something else because they have physical access anyway.